September 28, 2010

Cybercriminals Target LinkedIn Members: Cisco

Cisco warned LinkedIn members on Monday that spammers have flooded users with emails that attempt to trick them into downloading software that steals bank account numbers and other information.

"Starting this morning "” Monday, September 27, at 10am GMT "” cyber criminals sent spam email messages targeting users of the LinkedIn social media community. This is the largest such attack known to date," wrote Cisco in a warning posted on the company's security community blog.

At times, the messages accounted for nearly a quarter of all the spam email sent to LinkedIn members, Cisco said.

Members of the career-oriented social networking service were being sent phone email alerts with a fictitious contact request containing a link that, if clicked, infects computers with a malicious code known as "ZeuS."

"Clicking the link takes victims to a web page that says, "ËœPLEASE WAITING"¦. 4 SECONDS' and redirects them to Google," Cisco said.

"During those four seconds, the victim's PC is infected with the ZeuS data-theft malware via a drive-by download."

The malicious code then "embeds itself in the victim's web browser and captures personal information, such as online banking credentials, and is widely used by criminals to pilfer commercial bank accounts," Cisco said.

"What makes this attack unique is the combination of the extremely high volume of messages transmitted, the focus on business users, and the use of the ZeuS data-theft malware."

"This strongly suggests that the criminals behind this attack are most interested in employees with access to financial systems and online commercial bank accounts."

The networking company advised users to delete the fraudulent emails.

"Organizations should encourage individuals to delete such requests, especially if they do not know the name of the contact," Cisco said.

The ZeuS alerts are the second attack of this magnitude this month alone, following the "Here You Have" email worm sent a few weeks ago.

"This is not the first time that criminals have subverted brands associated with online social media," Cisco said.

Cisco said it expects to see more spam messages containing malware sent to organizations in an attempt to collect personal information.


On the Net: